CVE-2018-13032

HIGH

ECESSA ShieldLink SL175EHQ 10.7.4 - Cross-Site Request Forgery via cgi-bin/pl_web.cgi/util_configlogin_act

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-13032. PoCs published by LiquidWorm.

AI-analyzed exploit summary This HTML-based PoC demonstrates a CSRF vulnerability in Ecessa ShieldLink SL175EHQ, allowing an attacker to add a superuser account via a malicious form submission. The exploit targets the `/cgi-bin/pl_web.cgi/util_configlogin_act` endpoint without requiring valid CSRF tokens.

Description

ECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser accounts via the cgi-bin/pl_web.cgi/util_configlogin_act URI.

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · textwebappshardware

https://www.exploit-db.com/exploits/44938

View Code ZIP pw:eip

This HTML-based PoC demonstrates a CSRF vulnerability in Ecessa ShieldLink SL175EHQ, allowing an attacker to add a superuser account via a malicious form submission. The exploit targets the `/cgi-bin/pl_web.cgi/util_configlogin_act` endpoint without requiring valid CSRF tokens.

Classification

Working Poc 100%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Ecessa ShieldLink SL175EHQ 10.7.4 and earlier versions

Auth required

Prerequisites: Victim must be authenticated and visit the malicious page

MITRE ATT&CK

T1189 - Drive-by Compromise T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/44938/

Scores

CVSS v3 8.8

EPSS 0.0228

EPSS Percentile 80.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-352

Status published

Products (1)

ecessa/shieldlink_sl175ehq_firmware 10.7.4

Published Jul 01, 2018

Tracked Since Feb 18, 2026